After we upgraded to 1.7.6, we started seeing authentication issues for 
some users who have never signed in review board before. The issue tracked 
down was in 1.7.6 after the authentication was done in 
LDAPBackend.authenticate(), it calls self.get_or_create_user(username, 
ldapo) with ldapo, basically reuses the simple binding object to avoid a 
second auth in get_or_create_user().  In 1.6.13, it has to re-authenticate 
the simple bind before searching the user. 

Reusing ldapo seems to cause LDAP failure for new users (users who sign in 
the first time). A typical error is:

(Pdb) search_result = ldapo.search_s(settings.LDAP_BASE_DN,
                                                        "(%s)" % 
settings.LDAP_UID_MASK % username)
*** INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C090334, 
comment: AcceptSecurityContext error, data 52e, vece', 'desc': 'Invalid 

The problem goes away after switching back to the auth scheme in 1.6.13

Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/
Sign up for Review Board hosting at RBCommons: https://rbcommons.com/
Happy user? Let us know at http://www.reviewboard.org/users/
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to reviewboard+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to